{"id":"e1e25e3b-62a0-4a66-8ec1-d4ca5a9dbc38","shortId":"j985b4","kind":"skill","title":"Semgrep Custom Rule Builder","tagline":"Creates custom Semgrep SAST rules using the semgrep CLI and rule schema YAML format. Supports pattern-either, metavariable-regex, and taint-mode tracking for detecting framework-specific vulnerabilities in Python, Go, and JavaScript.","description":"# Semgrep Custom Rule Builder\n\nCreates custom Semgrep SAST rules using the semgrep CLI and rule schema YAML format. Supports pattern-either, metavariable-regex, and taint-mode tracking for detecting framework-specific vulnerabilities in Python, Go, and JavaScript.\n\n## Installation\n\nUse the upstream install or setup path that matches your environment:\n- $ brew install semgrep\n- $ docker run -it -v \"${PWD}:/src\" semgrep/semgrep semgrep login\n- $ docker run -e SEMGREP_APP_TOKEN=<TOKEN> --rm -v \"${PWD}:/src\" semgrep/semgrep semgrep ci\n- $ brew upgrade semgrep\n\nRequirements and caveats from upstream:\n- <a href=\"https://hub.docker.com/r/semgrep/semgrep\">\n- <img src=\"https://img.shields.io/docker/pulls/semgrep/semgrep.svg?style=flat-square\" alt=\"Docker Pulls\" />\n- <img src=\"https://img.shields.io/docker/pulls/semgrep/semgrep.svg?style=flat-square\" alt=\"Docker Pulls (Old)\" />\n\nBasic usage or getting-started notes:\n- Semgrep is a fast, open-source, static analysis tool that searches code, finds bugs, and enforces secure guardrails and coding standards. Semgrep [supports 30+ languages](#language-support) and can run in an IDE, as a...\n- [From the Semgrep AppSec Platform](#option-1-getting-started-from-the-semgrep-appsec-platform-recommended)\n- [From the CLI](#option-2-getting-started-from-the-cli)\n\n- Source: https://github.com/semgrep/semgrep\n- Extracted from upstream docs: https://raw.githubusercontent.com/semgrep/semgrep/HEAD/README.md\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/semgrep-custom-rule-builder-3/)","tags":["semgrep","custom","rule","builder","skills","agentskillexchange","agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex"],"capabilities":["skill","source-agentskillexchange","skill-semgrep-custom-rule-builder-3","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/semgrep-custom-rule-builder-3","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,558 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:12:24.785Z","embedding":null,"createdAt":"2026-05-18T13:19:18.015Z","updatedAt":"2026-05-18T19:12:24.785Z","lastSeenAt":"2026-05-18T19:12:24.785Z","tsv":"'-1':178 '-2':192 '/semgrep/semgrep':202 '/semgrep/semgrep/head/readme.md':209 '/skills/semgrep-custom-rule-builder-3/)':216 '/src':103,116 '30':159 'agent':211 'agentskillexchange.com':215 'agentskillexchange.com/skills/semgrep-custom-rule-builder-3/)':214 'analysi':143 'app':111 'appsec':175,185 'basic':128 'brew':95,120 'bug':149 'builder':4,45 'caveat':125 'ci':119 'cli':13,54,190,198 'code':147,155 'creat':5,46 'custom':2,6,43,47 'detect':32,73 'doc':206 'docker':98,107 'e':109 'either':22,63 'enforc':151 'environ':94 'exchang':213 'extract':203 'fast':138 'find':148 'format':18,59 'framework':34,75 'framework-specif':33,74 'get':132,180,194 'getting-start':131 'getting-started-from-the-c':193 'getting-started-from-the-semgrep-appsec-platform-recommend':179 'github.com':201 'github.com/semgrep/semgrep':200 'go':39,80 'guardrail':153 'ide':169 'instal':83,87,96 'javascript':41,82 'languag':160,162 'language-support':161 'login':106 'match':92 'metavari':24,65 'metavariable-regex':23,64 'mode':29,70 'note':134 'open':140 'open-sourc':139 'option':177,191 'path':90 'pattern':21,62 'pattern-eith':20,61 'platform':176,186 'pwd':102,115 'python':38,79 'raw.githubusercontent.com':208 'raw.githubusercontent.com/semgrep/semgrep/head/readme.md':207 'recommend':187 'regex':25,66 'requir':123 'rm':113 'rule':3,9,15,44,50,56 'run':99,108,166 'sast':8,49 'schema':16,57 'search':146 'secur':152 'semgrep':1,7,12,42,48,53,97,105,110,118,122,135,157,174,184 'semgrep/semgrep':104,117 'setup':89 'skill':212 'skill-semgrep-custom-rule-builder-3' 'sourc':141,199,210 'source-agentskillexchange' 'specif':35,76 'standard':156 'start':133,181,195 'static':142 'support':19,60,158,163 'taint':28,69 'taint-mod':27,68 'token':112 'tool':144 'topic-agent-skills' 'topic-ai-agents' 'topic-ai-tools' 'topic-awesome-list' 'topic-claude-code' 'topic-codex' 'topic-cursor' 'topic-llm' 'topic-mcp' 'topic-npx-skills' 'topic-openclaw' 'topic-skills-catalog' 'track':30,71 'upgrad':121 'upstream':86,127,205 'usag':129 'use':10,51,84 'v':101,114 'vulner':36,77 'yaml':17,58","prices":[{"id":"474c26e4-ed71-4f0d-93e7-e25aa24d9231","listingId":"e1e25e3b-62a0-4a66-8ec1-d4ca5a9dbc38","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:19:18.015Z"}],"sources":[{"listingId":"e1e25e3b-62a0-4a66-8ec1-d4ca5a9dbc38","source":"github","sourceId":"agentskillexchange/skills/semgrep-custom-rule-builder-3","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/semgrep-custom-rule-builder-3","isPrimary":false,"firstSeenAt":"2026-05-18T13:19:18.015Z","lastSeenAt":"2026-05-18T19:12:24.785Z"}],"details":{"listingId":"e1e25e3b-62a0-4a66-8ec1-d4ca5a9dbc38","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"semgrep-custom-rule-builder-3","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and more.","skill_md_sha":"9473169564575d16efe713f6e26fc67c3e98bec4","skill_md_path":"skills/semgrep-custom-rule-builder-3/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/semgrep-custom-rule-builder-3"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"Semgrep Custom Rule Builder","description":"Creates custom Semgrep SAST rules using the semgrep CLI and rule schema YAML format. Supports pattern-either, metavariable-regex, and taint-mode tracking for detecting framework-specific vulnerabilities in Python, Go, and JavaScript."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/semgrep-custom-rule-builder-3"},"updatedAt":"2026-05-18T19:12:24.785Z"}}